package com.zhuozhengsoft.pageoffice.zoomseal;

import java.net.MalformedURLException;
import java.security.MessageDigest;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.sql.Timestamp;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/zhuozhengsoft/pageoffice/zoomseal/UserManager.class */
/**
 * Data-access helper for the {@code Users} table of the seal database. It also writes the
 * {@code SysLog} audit rows when users are created, changed or deleted.
 *
 * <p>Each public operation loads the configured JDBC driver and opens its own connection
 * using the settings captured by the constructor.
 *
 * <p>Review notes for maintainers:
 * <ul>
 *   <li>Passwords are stored as an upper-case hex MD5 digest of the password followed by one
 *       constant suffix shared by every account. This is a fast, effectively unsalted
 *       scheme; plan a migration to a dedicated password hash (bcrypt, scrypt, Argon2).</li>
 *   <li>{@code getQueryCollection(String)} appends its argument to the SQL text as-is, so
 *       it must only ever receive server-built clauses.</li>
 *   <li>Nothing in this class checks who the caller is. Authorization has to be enforced
 *       before any of these methods is reached.</li>
 * </ul>
 *
 * <p>The single-letter member names appear to come from the decompiled/obfuscated class;
 * the comments on the fields describe how each one is used in this file.
 */
public class UserManager {
    // Current request; in this class it is only used to reach the ServletContext.
    private HttpServletRequest a;
    // JDBC driver class name passed to Class.forName (default "org.sqlite.JDBC").
    private String b;
    // JDBC URL; also inspected for "oracle", "sqlite" and "microsoft access" to pick SQL dialects.
    private String c;
    // Database user name (context init parameter "posealdb-username"; "" for the SQLite default).
    private String d;
    // Database password (context init parameter "posealdb-password"), held as a plain String.
    private String e;
    // ID of the acting user written to SysLog.OPUserID; defaults to 1 until setOPUserID is called.
    private int f = 1;

    /**
     * Captures the database settings for this manager from the servlet context.
     *
     * <p>When the context init parameter {@code posealdb-driver} is absent, the bundled
     * SQLite file {@code /WEB-INF/lib/poseal.db} is used with the {@code org.sqlite.JDBC}
     * driver. Otherwise driver, URL, user name and password are read from the
     * {@code posealdb-*} init parameters.
     *
     * <p>NOTE(review): the database password is read from a context init parameter, which
     * presumably sits in clear text in the deployment descriptor. Restrict read access to
     * that file and prefer a container-managed DataSource or secret store.
     *
     * <p>NOTE(review): the default database lives inside the web application directory.
     * Confirm the container never serves {@code WEB-INF} content and that backups of the
     * webapp are protected, because the file holds the password digests.
     *
     * @param httpServletRequest current request; its session's ServletContext supplies the
     *                           real path and the init parameters
     */
    public UserManager(HttpServletRequest httpServletRequest) {
        this.a = httpServletRequest;
        this.b = "";
        this.c = "";
        this.d = "";
        this.e = "";

        String dbFile = this.a.getSession().getServletContext().getRealPath("/WEB-INF/lib/poseal.db");
        if (dbFile == null) {
            // getRealPath returned null, so derive the location from the context root URL instead.
            try {
                dbFile = this.a.getSession().getServletContext().getResource("/").getPath() + "WEB-INF/lib/poseal.db";
            } catch (MalformedURLException unused) {
                // Deliberately ignored: dbFile stays null and the default URL below ends in "null".
            }
        }

        String configuredDriver = this.a.getSession().getServletContext().getInitParameter("posealdb-driver");
        if (configuredDriver != null) {
            this.b = configuredDriver;
            this.c = this.a.getSession().getServletContext().getInitParameter("posealdb-url");
            this.d = this.a.getSession().getServletContext().getInitParameter("posealdb-username");
            this.e = this.a.getSession().getServletContext().getInitParameter("posealdb-password");
        } else {
            this.b = "org.sqlite.JDBC";
            this.c = "jdbc:sqlite:" + dbFile;
        }
    }

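    /**
     * Blanks a value that contains a single quote, a semicolon or a {@code --} sequence.
     *
     * <p>If any of those appears anywhere in {@code str}, the result is a single space;
     * otherwise {@code str} is returned unchanged. The pattern runs in DOTALL mode so that a
     * line break inside the value cannot leave the other lines untouched, which is what the
     * previous line-scoped pattern did.
     *
     * <p>NOTE(review): this is a denylist and not a substitute for bind parameters. Values
     * made only of letters, digits, spaces and operators pass through unchanged, so any
     * query text built from the result must still be treated as untrusted. Prefer
     * {@code PreparedStatement} placeholders wherever the value is a literal.
     *
     * @param str value to filter; must not be {@code null} (a {@code null} raises
     *            {@code NullPointerException}, as before)
     * @return {@code str} itself, or {@code " "} when a forbidden character is present
     */
    public String cleanSQLParam(String str) {
        // (?s): '.' also matches line terminators, so one hit blanks the whole value.
        return str.replaceAll("(?s).*([';]+|(--)+).*", " ");
    }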

    /**
     * Sets the ID of the acting user that later {@code SysLog} rows are attributed to.
     *
     * <p>NOTE(review): the value is taken as given and never checked against the
     * authenticated session here. The audit trail is only as trustworthy as the caller
     * that supplies this ID.
     *
     * @param i operator user ID to record in {@code SysLog.OPUserID}
     */
    public void setOPUserID(int i) {
        f = i;
    }

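    /**
     * Writes one audit row to {@code SysLog} for the current operator.
     *
     * <p>The operator's user name is looked up from {@code Users} by the ID set through
     * {@code setOPUserID}. If that ID does not exist, no row is written and the method
     * returns silently.
     *
     * <p>All values are bound as statement parameters. The description normally embeds
     * user names that came from callers, and the operator name comes from stored data, so
     * neither may be spliced into the SQL text. Statements and result sets are closed in
     * {@code finally} blocks so a failing call does not leak them.
     *
     * <p>NOTE(review): a missing operator row means the audited action leaves no trace;
     * consider logging that case elsewhere. The decompiled signature shows no
     * {@code throws} clause although JDBC exceptions propagate from here.
     *
     * @param connection open connection owned by the caller; it is not closed here
     * @param str        operation type stored in {@code OPType}
     * @param str2       free-text description stored in {@code OPDesc}
     */
    private void a(Connection connection, String str, String str2) {
        boolean oracle = this.c.toLowerCase().indexOf("oracle") >= 0;

        String operatorName = null;
        PreparedStatement lookup = connection.prepareStatement("select ID,UserName from Users Where ID=?");
        try {
            lookup.setInt(1, this.f);
            ResultSet rows = lookup.executeQuery();
            try {
                if (!rows.next()) {
                    return;
                }
                operatorName = rows.getString("UserName");
            } finally {
                rows.close();
            }
        } finally {
            lookup.close();
        }

        PreparedStatement insert;
        if (oracle) {
            // Oracle takes the ID from a sequence and the date from SYSDATE.
            insert = connection.prepareStatement("Insert into SysLog(ID, OPDate,OPUserID,OPUserName,OPType,OPDesc) values(SYSLog_Seq.nextval,SYSDATE,?,?,?,?)");
        } else {
            insert = connection.prepareStatement("Insert into SysLog(OPDate,OPUserID,OPUserName,OPType,OPDesc) values(?,?,?,?,?)");
        }
        try {
            int p = 1;
            if (!oracle) {
                // Still sent as text in the same format as before, so the stored value is unchanged.
                insert.setString(p++, new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()));
            }
            insert.setInt(p++, this.f);
            insert.setString(p++, operatorName);
            insert.setString(p++, str);
            insert.setString(p++, str2);
            insert.executeUpdate();
        } finally {
            insert.close();
        }
    }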

    /**
     * Returns the upper-case hexadecimal MD5 digest of {@code str}.
     *
     * <p>A {@code null} or empty input, and any failure while hashing, yields the literal
     * string {@code "null"}.
     *
     * <p>NOTE(review): callers in this class use the result as the stored password
     * verifier. MD5 is fast and unsuitable for that purpose; changing it needs a migration
     * because existing rows hold these digests.
     *
     * <p>NOTE(review): the bytes come from {@code getBytes()} with the platform default
     * charset, so passwords with non-ASCII characters hash differently on hosts with a
     * different default encoding.
     *
     * <p>NOTE(review): the failure sentinel is the same at write and verify time, so a
     * hashing failure would make every value compare equal. Failing closed would be safer.
     *
     * @param str text to hash
     * @return 32 upper-case hex characters, or {@code "null"} as described above
     */
    private static String a(String str) {
        if (str == null || str.length() == 0) {
            return "null";
        }
        final char[] hexDigits = "0123456789ABCDEF".toCharArray();
        try {
            byte[] hash = MessageDigest.getInstance("MD5").digest(str.getBytes());
            StringBuffer out = new StringBuffer(hash.length * 2);
            for (int idx = 0; idx < hash.length; idx++) {
                // Mask to 0..255 so negative bytes map to two hex digits.
                int unsigned = hash[idx] & 255;
                out.append(hexDigits[unsigned >>> 4]);
                out.append(hexDigits[unsigned & 15]);
            }
            return out.toString();
        } catch (Exception unused) {
            return "null";
        }
    }

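    /**
     * Deletes the user with the given ID and records the deletion in {@code SysLog}.
     *
     * <p>The connection, statement and result set are released in {@code finally} blocks,
     * so an exception from any JDBC call no longer leaks them.
     *
     * <p>NOTE(review): the delete and the audit insert are separate statements, with no
     * transaction handling visible here. If the audit insert fails, the exception
     * propagates after the user row is already gone.
     *
     * @param i ID of the user to delete
     * @return {@code true} if the user existed and the delete was issued, {@code false}
     *         if no user has that ID
     */
    public boolean Delete(int i) {
        Class.forName(this.b);
        Connection connection = DriverManager.getConnection(this.c, this.d, this.e);
        try {
            Statement statement = connection.createStatement();
            try {
                String userName;
                // i is an int, so concatenating it cannot change the statement structure.
                ResultSet rows = statement.executeQuery("select ID, UserName from Users Where ID=" + i);
                try {
                    if (!rows.next()) {
                        return false;
                    }
                    userName = rows.getString("UserName");
                } finally {
                    rows.close();
                }
                statement.executeUpdate("delete from Users where ID=" + i);
                a(connection, "删除用户", "用户名称=" + userName + "，ID=" + i + " 的用户已删除。");
                return true;
            } finally {
                statement.close();
            }
        } finally {
            connection.close();
        }
    }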

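    /**
     * Reports whether a user with the given ID exists.
     *
     * <p>JDBC resources are closed in {@code finally} blocks so a failing query does not
     * leak the connection.
     *
     * @param i user ID to look up
     * @return {@code true} if a row with that ID is present in {@code Users}
     */
    public boolean exists(int i) {
        Class.forName(this.b);
        Connection connection = DriverManager.getConnection(this.c, this.d, this.e);
        try {
            Statement statement = connection.createStatement();
            try {
                ResultSet rows = statement.executeQuery("select ID from Users Where ID=" + i);
                try {
                    return rows.next();
                } finally {
                    rows.close();
                }
            } finally {
                statement.close();
            }
        } finally {
            connection.close();
        }
    }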

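    /**
     * Looks up a user by name.
     *
     * <p>The name is bound as a statement parameter. JDBC resources are closed in
     * {@code finally} blocks so a failing query does not leak the connection.
     *
     * <p>NOTE(review): if this is reachable before authentication, it tells the caller
     * which user names exist; consider limiting who may call it.
     *
     * @param str user name to look up
     * @return the ID of the first matching user, or {@code -1} if there is none
     */
    public int exists(String str) {
        Class.forName(this.b);
        Connection connection = DriverManager.getConnection(this.c, this.d, this.e);
        try {
            PreparedStatement query = connection.prepareStatement("select ID from Users Where UserName=?");
            try {
                query.setString(1, str);
                ResultSet rows = query.executeQuery();
                try {
                    return rows.next() ? rows.getInt("ID") : -1;
                } finally {
                    rows.close();
                }
            } finally {
                query.close();
            }
        } finally {
            connection.close();
        }
    }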

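    /**
     * Inserts a new user and records the creation in {@code SysLog}.
     *
     * <p>The three dialect paths (Oracle, SQLite, everything else) previously repeated the
     * same code. They now share one flow that differs only where the dialect matters:
     * <ul>
     *   <li>Oracle draws the ID from {@code Users_Seq} before the insert and passes it as
     *       the first column.</li>
     *   <li>SQLite stores the two timestamps as {@code yyyy-MM-dd HH:mm:ss} text and reads
     *       the new ID with {@code last_insert_rowid()}.</li>
     *   <li>Other databases bind {@code Timestamp} values and read {@code @@IDENTITY}.</li>
     * </ul>
     * The connection and every statement are closed in {@code finally} blocks, so an
     * exception no longer leaks them.
     *
     * <p>NOTE(review): {@code user.b} appears to be the clear-text password supplied by the
     * caller. When it is empty, the stored value is the digest of the fixed string
     * {@code "111111"} without the suffix that {@code login} appends before hashing.
     * Confirm whether such accounts are meant to be unusable until a password is set, and
     * avoid a fixed default in any case.
     *
     * <p>NOTE(review): the password verifier is an MD5 digest with one constant suffix for
     * all users; see the private hashing helper.
     *
     * @param user values for the new row; {@code getUserName()} must be non-empty
     * @return the new user's ID, or {@code -1} when the ID could not be determined
     */
    public int add(User user) {
        String url = this.c.toLowerCase();
        boolean oracle = url.indexOf("oracle") >= 0;
        boolean sqlite = !oracle && url.indexOf("sqlite") >= 0;

        if (user.getUserName() == null || user.getUserName().equals("")) {
            throw new Exception("无法创建新用户，UserName 不能为空。");
        }
        Class.forName(this.b);
        Connection connection = DriverManager.getConnection(this.c, this.d, this.e);
        try {
            int newId = -1;
            if (oracle) {
                Statement sequence = connection.createStatement();
                try {
                    ResultSet sequenceRows = sequence.executeQuery("select Users_Seq.nextval from dual");
                    try {
                        if (sequenceRows.next()) {
                            newId = sequenceRows.getInt(1);
                        }
                    } finally {
                        sequenceRows.close();
                    }
                } finally {
                    sequence.close();
                }
            }

            StringBuffer sql = new StringBuffer();
            sql.append("insert into Users(");
            if (oracle) {
                sql.append("ID,");
            }
            sql.append("UserName,Password,DeptID,DeptName,CreateTime,UpdateTime,RoleID,RoleName,EmployNo,Duty,Sex,Tel,Email,Description,IP,CertPKCS7,Status)");
            if (oracle) {
                sql.append(" values(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");
            } else {
                sql.append(" values(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");
            }

            PreparedStatement insert = connection.prepareStatement(sql.toString());
            try {
                int p = 1;
                if (oracle) {
                    insert.setInt(p++, newId);
                }
                insert.setString(p++, user.getUserName());
                // Empty password: fixed default hashed WITHOUT the suffix (kept as in the original).
                insert.setString(p++, a(user.b.equals("") ? "111111" : user.b + "6223920FB"));
                insert.setInt(p++, user.getDeptID());
                insert.setString(p++, user.getDeptName());
                Date now = new Date();
                if (sqlite) {
                    String stamp = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(now);
                    insert.setString(p++, stamp);
                    insert.setString(p++, stamp);
                } else {
                    insert.setTimestamp(p++, new Timestamp(now.getTime()));
                    insert.setTimestamp(p++, new Timestamp(now.getTime()));
                }
                insert.setInt(p++, user.getRoleID());
                insert.setString(p++, user.getRoleName());
                insert.setString(p++, user.getEmployNo());
                insert.setString(p++, user.getDuty());
                insert.setString(p++, user.getSex());
                insert.setString(p++, user.getTel());
                insert.setString(p++, user.getEmail());
                insert.setString(p++, user.getDescription());
                insert.setString(p++, user.getIP());
                insert.setString(p++, user.getCertPKCS7());
                insert.setString(p++, user.getStatus());
                insert.executeUpdate();
            } finally {
                insert.close();
            }

            // Oracle already knows the ID; the other dialects ask the database for it.
            boolean idKnown = oracle;
            if (!oracle) {
                Statement identity = connection.createStatement();
                try {
                    ResultSet identityRows = identity.executeQuery(sqlite ? "SELECT last_insert_rowid()" : "SELECT @@IDENTITY");
                    try {
                        if (identityRows.next()) {
                            newId = identityRows.getInt(1);
                            idKnown = true;
                        }
                    } finally {
                        identityRows.close();
                    }
                } finally {
                    identity.close();
                }
            }

            if (idKnown) {
                a(connection, "新建用户", "用户名称=" + user.getUserName() + "，ID=" + newId + " 的用户新建成功。");
            }
            return newId;
        } finally {
            connection.close();
        }
    }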

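    /**
     * Updates every editable column of an existing user and records the change in
     * {@code SysLog}.
     *
     * <p>The connection and statement are closed in {@code finally} blocks, so an
     * exception no longer leaks them. For URLs containing "microsoft access" the
     * connection is opened with {@code charSet=GBK} and without user name or password, as
     * before.
     *
     * <p>Password handling: when {@code user.b} (apparently the new clear-text password) is
     * empty, the existing stored value {@code user.c} is written back unchanged; otherwise
     * the digest of {@code user.b} plus the constant suffix is stored.
     *
     * <p>NOTE(review): a {@code User} that was not loaded through {@code getModel} may
     * carry a {@code null} {@code user.c}, which would overwrite the stored password with
     * NULL. Confirm callers always load first.
     *
     * <p>NOTE(review): this method changes a password without asking for the old one and
     * can change {@code RoleID}. Callers must enforce that only administrators reach it.
     *
     * @param user new values; {@code getUserName()} must be non-empty and {@code getID()}
     *             selects the row
     * @return {@code true} if at least one row was updated
     */
    public boolean update(User user) {
        if (user.getUserName() == null || user.getUserName().equals("")) {
            throw new Exception("无法更新用户，UserName 不能为空。");
        }
        Class.forName(this.b);
        Connection connection;
        if (this.c.toLowerCase().indexOf("microsoft access") >= 0) {
            Properties properties = new Properties();
            properties.put("charSet", "GBK");
            connection = DriverManager.getConnection(this.c, properties);
        } else {
            connection = DriverManager.getConnection(this.c, this.d, this.e);
        }
        try {
            StringBuffer sql = new StringBuffer();
            sql.append("update Users set ");
            sql.append("UserName=?,");
            sql.append("Password=?,");
            sql.append("DeptID=?,");
            sql.append("DeptName=?,");
            sql.append("UpdateTime=?,");
            sql.append("RoleID=?,");
            sql.append("RoleName=?,");
            sql.append("EmployNo=?,");
            sql.append("Duty=?,");
            sql.append("Sex=?,");
            sql.append("Tel=?,");
            sql.append("Email=?,");
            sql.append("Description=?,");
            sql.append("IP=?,");
            sql.append("CertPKCS7=?,");
            sql.append("Status=?");
            // assumes getID() returns an int (getModel assigns an int to User.a) - TODO confirm;
            // if it can ever be text, bind it as a parameter instead of concatenating.
            sql.append(" where ID=" + user.getID());

            PreparedStatement statement = connection.prepareStatement(sql.toString());
            try {
                statement.setString(1, user.getUserName());
                if (user.b.equals("")) {
                    // No new password supplied: keep the stored digest.
                    statement.setString(2, user.c);
                } else {
                    statement.setString(2, a(user.b + "6223920FB"));
                }
                statement.setInt(3, user.getDeptID());
                statement.setString(4, user.getDeptName());
                statement.setTimestamp(5, new Timestamp(new Date().getTime()));
                statement.setInt(6, user.getRoleID());
                statement.setString(7, user.getRoleName());
                statement.setString(8, user.getEmployNo());
                statement.setString(9, user.getDuty());
                statement.setString(10, user.getSex());
                statement.setString(11, user.getTel());
                statement.setString(12, user.getEmail());
                statement.setString(13, user.getDescription());
                statement.setString(14, user.getIP());
                statement.setString(15, user.getCertPKCS7());
                statement.setString(16, user.getStatus());
                if (statement.executeUpdate() > 0) {
                    a(connection, "修改用户", "用户名称=" + user.getUserName() + "，ID=" + user.getID() + " 的用户已被修改。");
                    return true;
                }
                return false;
            } finally {
                statement.close();
            }
        } finally {
            connection.close();
        }
    }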

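    /**
     * Loads one user by ID.
     *
     * <p>Two defects are fixed. A NULL {@code CreateTime} or {@code UpdateTime} used to
     * raise {@code NullPointerException} on {@code clone()}; it now yields a {@code null}
     * date. JDBC resources are closed in {@code finally} blocks so a failure does not leak
     * the connection.
     *
     * <p>NOTE(review): the returned object carries the stored password digest in
     * {@code user.c}. Do not serialize it to clients or write it to logs.
     *
     * @param i user ID to load
     * @return the populated user, or {@code null} if no row has that ID
     */
    public User getModel(int i) {
        Class.forName(this.b);
        Connection connection;
        if (this.c.toLowerCase().indexOf("microsoft access") >= 0) {
            Properties properties = new Properties();
            properties.put("charSet", "GBK");
            connection = DriverManager.getConnection(this.c, properties);
        } else {
            connection = DriverManager.getConnection(this.c, this.d, this.e);
        }
        try {
            Statement statement = connection.createStatement();
            try {
                ResultSet rows = statement.executeQuery("select UserName,Password,DeptID,DeptName,CreateTime,UpdateTime,RoleID,RoleName,EmployNo,Duty,Sex,Tel,Email,Description,IP,CertPKCS7,Status from Users Where ID=" + i);
                try {
                    if (!rows.next()) {
                        return null;
                    }
                    User found = new User();
                    found.a = i;
                    found.setUserName(rows.getString("UserName"));
                    found.c = rows.getString("Password");
                    found.setDeptID(rows.getInt("DeptID"));
                    found.setDeptName(rows.getString("DeptName"));
                    Timestamp created = rows.getTimestamp("CreateTime");
                    found.d = created == null ? null : (Date) created.clone();
                    Timestamp updated = rows.getTimestamp("UpdateTime");
                    found.e = updated == null ? null : (Date) updated.clone();
                    found.setRoleID(rows.getInt("RoleID"));
                    found.setRoleName(rows.getString("RoleName"));
                    found.setEmployNo(rows.getString("EmployNo"));
                    found.setDuty(rows.getString("Duty"));
                    found.setSex(rows.getString("Sex"));
                    found.setTel(rows.getString("Tel"));
                    found.setEmail(rows.getString("Email"));
                    found.setDescription(rows.getString("Description"));
                    found.setIP(rows.getString("IP"));
                    found.setCertPKCS7(rows.getString("CertPKCS7"));
                    found.setStatus(rows.getString("Status"));
                    return found;
                } finally {
                    rows.close();
                }
            } finally {
                statement.close();
            }
        } finally {
            connection.close();
        }
    }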

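    /**
     * Changes a user's password after verifying the current one.
     *
     * <p>Both statements use bound parameters. The connection and statements are closed
     * in {@code finally} blocks, so an exception no longer leaks them.
     *
     * <p>NOTE(review): unlike add, update and Delete, this method writes no {@code SysLog}
     * row. Password changes are worth auditing.
     *
     * <p>NOTE(review): the new password is not validated. A {@code null} is concatenated
     * as the text "null", and an empty value hashes just the constant suffix. Enforce a
     * password policy before calling.
     *
     * <p>NOTE(review): no attempt counter or delay is visible here, so callers should
     * throttle repeated failures.
     *
     * @param i    ID of the user whose password changes
     * @param str  current password in clear text
     * @param str2 new password in clear text
     * @return {@code true} if the current password matched and exactly one row was updated
     */
    public boolean changeUserPassword(int i, String str, String str2) {
        Class.forName(this.b);
        Connection connection = DriverManager.getConnection(this.c, this.d, this.e);
        try {
            boolean currentMatches;
            PreparedStatement check = connection.prepareStatement("select ID from Users Where ID=? and Password=?");
            try {
                check.setInt(1, i);
                check.setString(2, a(str + "6223920FB"));
                ResultSet rows = check.executeQuery();
                try {
                    currentMatches = rows.next();
                } finally {
                    rows.close();
                }
            } finally {
                check.close();
            }
            if (!currentMatches) {
                return false;
            }

            PreparedStatement change = connection.prepareStatement("update Users set Password=? where ID=?");
            try {
                change.setString(1, a(str2 + "6223920FB"));
                change.setInt(2, i);
                return change.executeUpdate() == 1;
            } finally {
                change.close();
            }
        } finally {
            connection.close();
        }
    }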

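    /**
     * Verifies a user name and password.
     *
     * <p>The password is hashed with the class's MD5-plus-constant-suffix scheme and
     * compared in the database through bound parameters. JDBC resources are closed in
     * {@code finally} blocks so a failing query does not leak the connection.
     *
     * <p>NOTE(review): the query does not look at the {@code Status} column. If
     * {@code Status} is meant to disable accounts, callers must check it themselves;
     * confirm against the callers.
     *
     * <p>NOTE(review): no lockout, delay or failure logging is visible here. Add
     * throttling and log failed attempts at the call site, without logging the password.
     *
     * @param str  user name
     * @param str2 password in clear text
     * @return the matching user's ID, or {@code -1} when the credentials do not match
     */
    public int login(String str, String str2) {
        Class.forName(this.b);
        Connection connection = DriverManager.getConnection(this.c, this.d, this.e);
        try {
            PreparedStatement query = connection.prepareStatement("select ID from Users Where UserName=? and Password=?");
            try {
                query.setString(1, str);
                query.setString(2, a(str2 + "6223920FB"));
                ResultSet rows = query.executeQuery();
                try {
                    return rows.next() ? rows.getInt("ID") : -1;
                } finally {
                    rows.close();
                }
            } finally {
                query.close();
            }
        } finally {
            connection.close();
        }
    }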

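    /**
     * Returns the users selected by a caller-supplied SQL tail.
     *
     * <p>Two defects are fixed. A NULL {@code CreateTime} or {@code UpdateTime} used to
     * raise {@code NullPointerException} on {@code clone()}; it now yields a {@code null}
     * date. JDBC resources are closed in {@code finally} blocks so a failure does not leak
     * the connection.
     *
     * <p>SECURITY: {@code str} is appended to the statement text verbatim, so it is SQL,
     * not data. Pass only constant or server-built clauses. Filtering request values with
     * {@code cleanSQLParam} does not make them safe here, because that method is a
     * denylist. The signature cannot bind parameters; a replacement overload that takes
     * the clause and its values separately would remove the risk.
     *
     * <p>NOTE(review): each returned {@code User} carries the stored password digest in
     * {@code user.c}. Strip it before the list leaves the server side.
     *
     * @param str text placed after {@code "... from Users "}, for example a WHERE or
     *            ORDER BY clause
     * @return list of {@code User} objects, empty when nothing matches
     */
    public List getQueryCollection(String str) {
        ArrayList users = new ArrayList();
        Class.forName(this.b);
        Connection connection = DriverManager.getConnection(this.c, this.d, this.e);
        try {
            Statement statement = connection.createStatement();
            try {
                // SECURITY: raw clause concatenation, see the method comment.
                ResultSet rows = statement.executeQuery("select ID,UserName,Password,DeptID,DeptName,CreateTime,UpdateTime,RoleID,RoleName,EmployNo,Duty,Sex,Tel,Email,Description,IP,CertPKCS7,Status from Users " + str);
                try {
                    while (rows.next()) {
                        User user = new User();
                        user.a = rows.getInt("ID");
                        user.setUserName(rows.getString("UserName"));
                        user.c = rows.getString("Password");
                        user.setDeptID(rows.getInt("DeptID"));
                        user.setDeptName(rows.getString("DeptName"));
                        Timestamp created = rows.getTimestamp("CreateTime");
                        user.d = created == null ? null : (Date) created.clone();
                        Timestamp updated = rows.getTimestamp("UpdateTime");
                        user.e = updated == null ? null : (Date) updated.clone();
                        user.setRoleID(rows.getInt("RoleID"));
                        user.setRoleName(rows.getString("RoleName"));
                        user.setEmployNo(rows.getString("EmployNo"));
                        user.setDuty(rows.getString("Duty"));
                        user.setSex(rows.getString("Sex"));
                        user.setTel(rows.getString("Tel"));
                        user.setEmail(rows.getString("Email"));
                        user.setDescription(rows.getString("Description"));
                        user.setIP(rows.getString("IP"));
                        user.setCertPKCS7(rows.getString("CertPKCS7"));
                        user.setStatus(rows.getString("Status"));
                        users.add(user);
                    }
                } finally {
                    rows.close();
                }
            } finally {
                statement.close();
            }
        } finally {
            connection.close();
        }
        return users;
    }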
}
